Method and apparatus for delivering keying information

摘要

A method of delivering an application key or keys to an application server for use in securing data exchanged between the application server and a user equipment, the user equipment accessing a communications network via an access domain. The method comprises running an Authentication and Key Agreement procedure between the user equipment and a home domain in order to make keying material available to the user equipment and to an access enforcement point. At least a part of said keying material is used to secure a communication tunnel between the user equipment and the access enforcement point, and one or more application keys are derived within the home domain using at least part of said keying material. Said application key(s) is(are) provided to said application server, and the same application key(s) derived at the user equipment, wherein said access enforcement point is unable to derive or have access to said application key(s).

主权项

1. A method of delivering an application key or keys to an application server for use in securing data exchanged between the application server and a user equipment, the user equipment accessing a communications network via an access domain, the method comprising:
running an Authentication and Key Agreement procedure between the user equipment and a home domain in order to make keying material available to the user equipment and to an access enforcement point, and using at least a part of said keying material to secure a communication tunnel between the user equipment and the access enforcement point; deriving one or more application keys within the home domain using at least part of said keying material, providing said application key(s) to said application server, and deriving the same application key(s) at the user equipment, wherein said access enforcement point is unable to derive or have access to said application key(s).